newrelic_rpm 9.12.0 → 9.13.0

data/lib/tasks/helpers/newrelicyml.rb

@@ -45,6 +45,34 @@ module NewRelicYML
 
   HEADER
 
+  SECURITY_BEGIN = <<-SECURITY
+  # BEGIN security agent
+  #
+  #   NOTE: At this time, the security agent is intended for use only within
+  #         a dedicated security testing environment with data that can tolerate
+  #         modification or deletion. The security agent is available as a
+  #         separate Ruby gem, newrelic_security. It is recommended that this
+  #         separate gem only be introduced to a security testing environment
+  #         by leveraging Bundler grouping like so:
+  #
+  #         # Gemfile
+  #         gem 'newrelic_rpm'               # New Relic APM observability agent
+  #         gem 'newrelic-infinite_tracing'  # New Relic Infinite Tracing
+  #
+  #         group :security do
+  #           gem 'newrelic_security', require: false # New Relic security agent
+  #         end
+  #
+  #   NOTE: All "security.*" configuration parameters are related only to the
+  #         security agent, and all other configuration parameters that may
+  #         have "security" in the name somewhere are related to the APM agent.
+  
+  SECURITY
+
+  SECURITY_END = <<-SECURITY
+  # END security agent
+  SECURITY
+
   FOOTER = <<~FOOTER
     # Environment-specific settings are in this section.
     # RAILS_ENV or RACK_ENV (as appropriate) is used to determine the environment.
@@ -67,16 +95,35 @@ module NewRelicYML
   FOOTER
 
   def self.get_configs(defaults)
-    defaults.sort.each_with_object({}) do |(key, value), final_configs|
+    agent_configs = {}
+    security_configs = {}
+
+    defaults.sort.each do |key, value|
       next if CRITICAL.include?(key) || SKIP.include?(key)
 
       next unless public_config?(value) && !deprecated?(value)
 
-      sanitized_description = sanitize_description(value[:description])
-      description = format_description(sanitized_description)
-      default = default_value(key, value)
-      final_configs[key] = {description: description, default: default}
+      # TODO: OLD RUBIES < 2.6
+      # Remove `to_s`. `start_with?` doesn't accept symbols in Ruby <2.6
+      if key.to_s.start_with?('security.')
+        description, default = build_config(key, value)
+        security_configs[key] = {description: description, default: default}
+        next
+      end
+
+      description, default = build_config(key, value)
+      agent_configs[key] = {description: description, default: default}
     end
+
+    [agent_configs, security_configs]
+  end
+
+  def self.build_config(key, value)
+    sanitized_description = sanitize_description(value[:description])
+    description = format_description(sanitized_description)
+    default = default_value(key, value)
+
+    [description, default]
   end
 
   def self.public_config?(value)
@@ -126,15 +173,30 @@ module NewRelicYML
     end
   end
 
-  def self.build_string(defaults)
-    configs = get_configs(defaults)
-    yml_string = ''
+  def self.agent_configs_yml(agent_configs)
+    agent_yml = ''
+    agent_configs.each do |key, value|
+      agent_yml += "#{value[:description]}\n  # #{key}: #{value[:default]}\n\n"
+    end
+
+    agent_yml
+  end
 
-    configs.each do |key, value|
-      yml_string += "#{value[:description]}\n  # #{key}: #{value[:default]}\n\n"
+  def self.security_configs_yml(security_configs)
+    security_yml = ''
+    security_configs.each do |key, value|
+      security_yml += "#{value[:description]}\n  # #{key}: #{value[:default]}\n\n"
     end
 
-    yml_string
+    security_yml
+  end
+
+  def self.build_string(defaults)
+    agent_configs, security_configs = get_configs(defaults)
+    agent_string = agent_configs_yml(agent_configs)
+    security_string = security_configs_yml(security_configs)
+
+    agent_string + SECURITY_BEGIN + security_string + SECURITY_END + "\n"
   end
 
   # :nocov:

data/lib/tasks/instrumentation_generator/instrumentation.thor

@@ -103,7 +103,7 @@ class Instrumentation < Thor
     <<-CONFIG
         :'instrumentation.#{snake_name}' => {
           :default => 'auto',
-          :documentation_default => 'auto'
+          :documentation_default => 'auto',
           :public => true,
           :type => String,
           :dynamic_name => true,

data/lib/tasks/instrumentation_generator/templates/dependency_detection.tt

@@ -12,16 +12,16 @@ DependencyDetection.defer do
   depends_on do
     # The class that needs to be defined to prepend/chain onto. This can be used
     # to determine whether the library is installed.
-    defined?(::<%= @class_name %>)
+    defined?(<%= @class_name %>)
     # Add any additional requirements to verify whether this instrumentation
     # should be installed
   end
 
   executes do
-    ::NewRelic::Agent.logger.info('Installing <%= @name.downcase %> instrumentation')
+    NewRelic::Agent.logger.info('Installing <%= @name.downcase %> instrumentation')
 
     if use_prepend?
-      prepend_instrument ::<%= @class_name %>, NewRelic::Agent::Instrumentation::<%= @class_name %>::Prepend
+      prepend_instrument <%= @class_name %>, NewRelic::Agent::Instrumentation::<%= @class_name %>::Prepend
     else
       chain_instrument NewRelic::Agent::Instrumentation::<%= @class_name %>::Chain
     end

data/newrelic.yml

@@ -509,6 +509,10 @@ common: &default_settings
   # prepend, chain, disabled.
   # instrumentation.net_http: auto
 
+  # Controls auto-instrumentation of the opensearch-ruby library at start-up. May
+  # be one of auto, prepend, chain, disabled.
+  # instrumentation.opensearch: auto
+
   # Controls auto-instrumentation of Puma::Rack. When enabled, the agent hooks
   # into the to_app method in Puma::Rack::Builder to find gems to instrument
   # during application startup. May be one of: auto, prepend, chain, disabled.
@@ -607,6 +611,12 @@ common: &default_settings
   # When true, the agent transmits data about your app to the New Relic collector.
   # monitor_mode: true
 
+  # If true, the agent captures OpenSearch queries in transaction traces.
+  # opensearch.capture_queries: true
+
+  # If true, the agent obfuscates OpenSearch queries in transaction traces.
+  # opensearch.obfuscate_queries: true
+
   # If true, uses Module#prepend rather than alias_method for ActiveRecord
   # instrumentation.
   # prepend_active_record_instrumentation: false
@@ -645,60 +655,6 @@ common: &default_settings
   # ignoring specific transactions.
   # rules.ignore_url_regexes: []
 
-  # BEGIN security agent
-  #
-  #   NOTE: At this time, the security agent is intended for use only within
-  #         a dedicated security testing environment with data that can tolerate
-  #         modification or deletion. The security agent is available as a
-  #         separate Ruby gem, newrelic_security. It is recommended that this
-  #         separate gem only be introduced to a security testing environment
-  #         by leveraging Bundler grouping like so:
-  #
-  #         # Gemfile
-  #         gem 'newrelic_rpm'               # New Relic APM observability agent
-  #         gem 'newrelic-infinite_tracing'  # New Relic Infinite Tracing
-  #
-  #         group :security do
-  #           gem 'newrelic_security', require: false # New Relic security agent
-  #         end
-  #
-  #   NOTE: All "security.*" configuration parameters are related only to the
-  #         security agent, and all other configuration parameters that may
-  #         have "security" in the name some where are related to the APM agent.
-  #
-
-  # If true, the security agent is loaded (a Ruby 'require' is performed)
-  # security.agent.enabled: false
-
-  # The port the application is listening on. This setting is mandatory for
-  # Passenger servers. Other servers should be detected by default.
-  # security.application_info.port: nil
-
-  # If true, enables deserialization detection
-  # security.detection.deserialization.enabled: true
-
-  # If true, enables RCI (remote code injection) detection
-  # security.detection.rci.enabled: true
-
-  # If true, enables RXSS (reflected cross-site scripting) detection
-  # security.detection.rxss.enabled: true
-
-  # If true, the security agent is started (the agent runs in its event loop)
-  # security.enabled: false
-
-  # Defines the mode for the security agent to operate in. Currently only IAST is
-  # supported
-  # security.mode: IAST
-
-  # Defines the request body limit to process in security events (in KB). The
-  # default value is 300, for 300KB.
-  # security.request.body_limit: 300
-
-  # Defines the endpoint URL for posting security-related data
-  # security.validator_service_url: wss://csec.nr-data.net
-
-  # END security agent
-
   # Applies Language Agent Security Policy settings.
   # security_policies_token: ""
 
@@ -916,6 +872,59 @@ common: &default_settings
   # Foundry environment.
   # utilization.detect_pcf: true
 
+  # BEGIN security agent
+  #
+  #   NOTE: At this time, the security agent is intended for use only within
+  #         a dedicated security testing environment with data that can tolerate
+  #         modification or deletion. The security agent is available as a
+  #         separate Ruby gem, newrelic_security. It is recommended that this
+  #         separate gem only be introduced to a security testing environment
+  #         by leveraging Bundler grouping like so:
+  #
+  #         # Gemfile
+  #         gem 'newrelic_rpm'               # New Relic APM observability agent
+  #         gem 'newrelic-infinite_tracing'  # New Relic Infinite Tracing
+  #
+  #         group :security do
+  #           gem 'newrelic_security', require: false # New Relic security agent
+  #         end
+  #
+  #   NOTE: All "security.*" configuration parameters are related only to the
+  #         security agent, and all other configuration parameters that may
+  #         have "security" in the name somewhere are related to the APM agent.
+  
+  # If true, the security agent is loaded (a Ruby 'require' is performed)
+  # security.agent.enabled: false
+
+  # The port the application is listening on. This setting is mandatory for
+  # Passenger servers. Other servers should be detected by default.
+  # security.application_info.port: nil
+
+  # If true, enables deserialization detection
+  # security.detection.deserialization.enabled: true
+
+  # If true, enables RCI (remote code injection) detection
+  # security.detection.rci.enabled: true
+
+  # If true, enables RXSS (reflected cross-site scripting) detection
+  # security.detection.rxss.enabled: true
+
+  # If true, the security agent is started (the agent runs in its event loop)
+  # security.enabled: false
+
+  # Defines the mode for the security agent to operate in. Currently only IAST is
+  # supported
+  # security.mode: IAST
+
+  # Defines the request body limit to process in security events (in KB). The
+  # default value is 300, for 300KB.
+  # security.request.body_limit: 300
+
+  # Defines the endpoint URL for posting security-related data
+  # security.validator_service_url: wss://csec.nr-data.net
+
+  # END security agent
+
 # Environment-specific settings are in this section.
 # RAILS_ENV or RACK_ENV (as appropriate) is used to determine the environment.
 # If your application has other named environments, configure them here.

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: newrelic_rpm
 version: !ruby/object:Gem::Version
-  version: 9.12.0
+  version: 9.13.0
 platform: ruby
 authors:
 - Tanna McClure
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-07-24 00:00:00.000000000 Z
+date: 2024-08-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -484,6 +484,10 @@ files:
 - lib/new_relic/agent/instrumentation/net_http/instrumentation.rb
 - lib/new_relic/agent/instrumentation/net_http/prepend.rb
 - lib/new_relic/agent/instrumentation/notifications_subscriber.rb
+- lib/new_relic/agent/instrumentation/opensearch.rb
+- lib/new_relic/agent/instrumentation/opensearch/chain.rb
+- lib/new_relic/agent/instrumentation/opensearch/instrumentation.rb
+- lib/new_relic/agent/instrumentation/opensearch/prepend.rb
 - lib/new_relic/agent/instrumentation/padrino.rb
 - lib/new_relic/agent/instrumentation/padrino/chain.rb
 - lib/new_relic/agent/instrumentation/padrino/instrumentation.rb
@@ -606,6 +610,8 @@ files:
 - lib/new_relic/agent/samplers/object_sampler.rb
 - lib/new_relic/agent/samplers/vm_sampler.rb
 - lib/new_relic/agent/serverless_handler.rb
+- lib/new_relic/agent/serverless_handler_event_sources.json
+- lib/new_relic/agent/serverless_handler_event_sources.rb
 - lib/new_relic/agent/span_event_aggregator.rb
 - lib/new_relic/agent/span_event_primitive.rb
 - lib/new_relic/agent/sql_sampler.rb
@@ -668,6 +674,8 @@ files:
 - lib/new_relic/control/class_methods.rb
 - lib/new_relic/control/frameworks.rb
 - lib/new_relic/control/frameworks/external.rb
+- lib/new_relic/control/frameworks/grape.rb
+- lib/new_relic/control/frameworks/padrino.rb
 - lib/new_relic/control/frameworks/rails.rb
 - lib/new_relic/control/frameworks/rails3.rb
 - lib/new_relic/control/frameworks/rails4.rb